<?php
/*
    Copyright 2010 Justin Lipton, Jonathan Rosenberg
    
    This file is part of MediaList.

    MediaList is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    MediaList is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with MediaList.  If not, see <http://www.gnu.org/licenses/>.
*/

$name=$_GET["name"];
$rating = $_GET["rating"];
$progress = $_GET["progress"];
$status = $_GET["status"];
$username = $_COOKIE["user"];

$con = mysql_connect("localhost", "root");
if (!$con)
{
    die('Could not connect: ' . mysql_error());
}

mysql_select_db("DB", $con);

$db = new mysqli("localhost", "root", null , "DB");

$stmt = $db -> prepare("SELECT count(*) FROM ".$username." WHERE Showname=?");
$stmt -> bind_param("s", $name);
$stmt -> execute();
$stmt -> bind_result($row2["count"]);
$stmt -> fetch();

if($row2["count"]!=0)
{
    echo "That show is already on your list<br/>";
}
else
{
    $stmt -> fetch();
    $stmt = $db -> prepare("SELECT count(*) AS count, TotalScores, TotalSeen, ShowId FROM Shows WHERE Showname=?");
    $stmt -> bind_param("s", $name);
    $stmt -> execute();
    $stmt -> bind_result($row["count"], $row["TotalScores"], $row["TotalSeen"], $row["ShowId"]);
    $stmt -> fetch();

    if($row["count"]!=1)
    {
        echo "Show does not exist, please add it: <a href=addNewShow.php>Add a new show</a>";
    }
    else
    {
        $stmt -> fetch();
        $stmt = $db -> prepare("SELECT TotalTimeMinutes, NumViewing, 
                NumCompleted, NumDropped, NumPlanning FROM Users WHERE Username=?");
        $stmt -> bind_param("s", $username);
        $stmt -> execute();
        $stmt -> bind_result($row4["TotalTimeMinues"], $row4["NumViewing"], $row4["NumCompleted"], 
                        $row4["NumDropped"], $row4["NumPlanning"]);
        $stmt -> fetch();
        $stmt -> fetch();
        
        
        $totScores=($rating+$row["TotalScores"]);
        $totSeen=1+$row["TotalSeen"];
        $stmt = $db -> prepare("UPDATE Shows SET TotalScores=?, TotalSeen=? WHERE Showname=?");
        $stmt -> bind_param("sss", $totScores, $totSeen, $name);
        $stmt -> execute();
        
        if($status=="W")
        {
            $nv=1+$row4["NumViewing"];
            $stmt = $db -> prepare("UPDATE Users SET NumViewing=? WHERE Username=?");
            $stmt -> bind_param("ss", $nv, $username);
            $stmt -> execute();
            
            $tt=$row4["TotalTimeMinutes"]+($row["EpisodeLength"]*$progress);
            $stmt = $db -> prepare("UPDATE Users SET TotalTimeMinutes=? WHERE Username=?");
            $stmt -> bind_param("ss", $tt, $username);
            $stmt -> execute();
        }
        else if($status=="C")
        {   
            $nc=1+$row4["NumCompleted"];
            $stmt = $db -> prepare("UPDATE Users SET NumCompleted=? WHERE Username=?");
            $stmt -> bind_param("ss", $nc, $username);
            $stmt -> execute();
            
            $tt=$row4["TotalTimeMinutes"]+($row["EpisodeLength"]*$row["NumEpisodes"]);
            $stmt = $db -> prepare("UPDATE Users SET TotalTimeMinutes=? WHERE Username=?");
            $stmt -> bind_param("ss", $tt, $username);
            $stmt -> execute();
        }
        else if($status=="D")
        {
            $nd= 1+$row4["NumDropped"];
            $stmt = $db -> prepare("UPDATE Users SET NumDropped=? WHERE Username=?");
            $stmt -> bind_param("ss",$nd, $username);
            $stmt -> execute();
            
            $tt=$row4["TotalTimeMinutes"]+($row["EpisodeLength"]*$row["NumEpisodes"]);
            $stmt = $db -> prepare("UPDATE Users SET TotalTimeMinutes=? WHERE Username=?");
            $stmt -> bind_param("ss", $tt, $username);
            $stmt -> execute();
        }
        else if($status=="P")
        {
            $np=1+$row4["NumPlanning"];
            $stmt = $db -> prepare("UPDATE Users SET NumPlanning=? WHERE Username=?");
            $stmt -> bind_param("ss", $np, $username);
            $stmt -> execute();
        }
        if($rating>0)
        {
            $stmt = $db -> prepare("INSERT INTO ".$username." (ShowName, ShowId, Rating, Progress, Status) 
            VALUES (?, ?, ?, ?, ?)");
            $stmt -> bind_param("sssss", $name, $row["ShowId"], $rating, $progress, $status);
            $stmt -> execute();
            
            $stmt = $db -> prepare("INSERT INTO UserShowJoin (Username, ShowName, Rating) 
            VALUES (?, ?, ?)");
            $stmt -> bind_param("sss", $username, $name, $rating);
            $stmt -> execute();
        }
        else
        {
            $stmt = $db -> prepare("INSERT INTO ".$username." (ShowName, ShowId, Rating, Progress, Status) 
            VALUES (?, ?, ?, ?, ?)");
            $stmt -> bind_param("sssss", $name, $row["ShowId"], $rating, $progress, $status);
            $stmt -> execute();
            
            $stmt = $db -> prepare("INSERT INTO UserShowJoin (Username, ShowName, Rating) 
            VALUES (?, ?, ?)");
            $stmt -> bind_param("sss", $username, $name, "NULL");
            $stmt -> execute();
        }

        if($_GET["calledFromPage"] == 0)
        {
            echo "<meta http-equiv=\"REFRESH\" content=\"0;url=table.php?currentUser=".$username."\">";
        }
    }
}
?>

